<?php
session_start();
include 'include/db_connect.php';
connect();
$sql="SET CHARACTER SET UTF8";   
query($sql);

$username = $_POST['username'];
$password = $_POST['password'];

if($username =='' or $password ==''){
	echo "กรุณาระบุชื่อผู้ใช้หรือรหัสผ่าน";
	exit();
}
$sql = "select * from tb_admin where username = '".mysql_real_escape_string($username)."' and password = '".mysql_real_escape_string($username)."'";
$qr = select($sql);
$total = count($qr);
if($total==0){
	echo "username หรือ password ไม่ถูกต้อง";
	exit();
}else{
	$_SESSION['admin_id'] = $qr[0]['id'];
	$_SESSION['admin_username'] = $qr[0]['username'];
	$_SESSION['admin_password'] = $qr[0]['password'];	
	$_SESSION['admin_name'] = $qr[0]['name'];
	$_SESSION['admin_email'] = $qr[0]['email'];
}


?>